summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-10-22sd-bus: factor out creds item iteratorDaniel Mack
We will re-use the code to walk items in order to populate a creds object, so let's factor it out first.
2014-10-22sd-bus: sync kdbus.hDaniel Mack
kdbus learned a new command to query a bus creator's credentials. Sync kdbus.h first, which also renames some struct to more generic terms. That is, however, not an ABI break this time.
2014-10-22journald: add CAP_MAC_OVERRIDE in journald for SMACK issueJuho Son
systemd-journald check the cgroup id to support rate limit option for every messages. so journald should be available to access cgroup node in each process send messages to journald. In system using SMACK, cgroup node in proc is assigned execute label as each process's execute label. so if journald don't want to denied for every process, journald should have all of access rule for all process's label. It's too heavy. so we could give special smack label for journald te get all accesses's permission. '^' label. When assign '^' execute smack label to systemd-journald, systemd-journald need to add CAP_MAC_OVERRIDE capability to get that smack privilege. so I want to notice this information and set default capability to journald whether system use SMACK or not. because that capability affect to only smack enabled kernel
2014-10-22hwdb: Add mapping for special keys on compaq ku 0133 keyboardsHans de Goede
The compaq ku 0133 keyboard has 8 special keys at the top: http://lackof.org/taggart/hacking/keyboard/cpqwireless.jpg 3 of these use standard HID usage codes from the consumer page, the 5 others use part of the reserved 0x07 - 0x1f range. This commit adds mapping for this keyboard for these reserved codes, making the other 5 keys work. Cc: Hans de Goede <hdegoede@redhat.com> Signed-off-by: Hans de Goede <hdegoede@redhat.com>
2014-10-22update TODOLennart Poettering
2014-10-22resolved: simplify detection of packets from the loopback deviceLennart Poettering
We can simplify our code quite a bit if we explicitly check for the ifindex being 1 on Linux as a loopback check. Apparently, this is hardcoded on Linux on the kernel, and effectively exported to userspace via rtnl and such, hence we should be able to rely on it.
2014-10-22networkd: Fix a couple of typosTorstein Husebø
2014-10-22sd-bus: assert clock_gettime()'s return valueDaniel Mack
Don't handle clock_gettime() errors gracefully but use assert_se().
2014-10-22update TODOLennart Poettering
2014-10-22README: simplify documented dependency on util-linuxLennart Poettering
we stritcly require features from util-linux v2.25, such a new version is not optional, hence document this.
2014-10-22fsck: re-enable fsck -lKarel Zak
The -l (lock) has been temporary disabled due to conflict with udev (https://bugs.freedesktop.org/show_bug.cgi?id=79576) The problem is fixed since util-linux v2.25 (Jul 2014).
2014-10-22Update TODOLennart Poettering
2014-10-22CODING_STYLE: clarify that single-line if blocks should not be enclosed in {}Lennart Poettering
2014-10-21sd-bus: sync kdbus.h (API change: switch to absolute timeouts)Daniel Mack
kdbus_msg.timeout_ns now takes an absolute value, based on CLOCK_MONOTONIC, in order to eventually support automatically restarted syscalls. Signed-off-by: Daniel Mack <daniel@zonque.org>
2014-10-21sd-bus: sync kdbus.h (ABI break)Daniel Mack
In kdbus.h, the following details changed: * All commands gained a 'kernel_flags' field to report the flags supported by the driver. Before, this was done in the 'flags' field in a bidirectional way, which turned out to be a problem for the code in sd-bus, as many parts of it reuse the same ioctl struct more than once and consider them to be owned by userspace. * Name listings are now returned by a new struct instead of reusing struct kdbus_cmd_name for that matter. This way, we don't add more unneeded fields to it and make the API cleaner. * 'conn_flags' was renamed to 'flags' in struct kdbus_cmd_hello to make the API a bit more unified.
2014-10-21strv: use realloc_multiply() to check for multiplication overflowMichal Schmidt
This could overflow on 32bit, where size_t is the same as unsigned.
2014-10-21strv: add an additional overflow check when enlarging strv()sLennart Poettering
https://bugs.freedesktop.org/show_bug.cgi?id=76745
2014-10-21man: add examples for coredumpctlRonny Chevalier
Add examples to clarify how to use coredumpctl See https://bugs.freedesktop.org/show_bug.cgi?id=83437
2014-10-21man: fix project reference for archlinuxRonny Chevalier
2014-10-21man: add missing commasRonny Chevalier
2014-10-21man: move one more nspawn example into a proper <example> sectionLennart Poettering
2014-10-21man: use <example> instead of multiple <refsect1> for examplesRonny Chevalier
2014-10-21shared: remove unused functionsRonny Chevalier
- mkdir_p_prefix: It has never been used - mkdir_parents_prefix_label: Unused since 1434ae6fd49f8377b0ddbd4c675736e0d3226ea6
2014-10-21util: avoid duplication of TIME_T_MAXRonny Chevalier
2014-10-20update TODOLennart Poettering
2014-10-20sd-journal: consistently use ternary operator for all direction checksChristian Hesse
2014-10-20bus-proxy: let's make use of the translated errors get_creds_by_name() ↵Lennart Poettering
provides us with
2014-10-20Revert "bus-proxyd: improve compatibility with dbus-1"Lennart Poettering
This reverts commit b0f84d4d7832659f2216bda7a7cdf51f5e79c6eb. get_creds_by_name() already translate the error nicely, we just need to make use of it.
2014-10-20man: try to reword explanation of Sockets= a bitLennart Poettering
2014-10-20kdbus: free returned buffer when the memory is no longer neededLukasz Skalski
2014-10-20man: fix localectl set-x11-keymap syntax descriptionJan Synacek
2014-10-20update TODOLennart Poettering
2014-10-20man: document sd_bus_creds_get_connection_name()Lennart Poettering
2014-10-20man: suffix C functions with ()Lennart Poettering
2014-10-20man: document sd_machine_get_class() and sd_machine_get_ifindices()Lennart Poettering
2014-10-20sysctl.d: default to fq_codel, fight bufferbloatMichal Schmidt
Quoting from Jon Corbet's report of Stephen Hemminger's talk at Linux Plumbers Conference 2014 (https://lwn.net/Articles/616241/): [...] So Stephen encouraged everybody to run a command like: sysctl -w net.core.default_qdisc=fq_codel That will cause fq_codel to be used for all future connections [Qdiscs apply to interfaces, not connections. Pointed out by TomH in the article comments. -- mschmidt] (up to the next reboot). Unfortunately, the default queuing discipline cannot be changed, since it will certainly disturb some user's workload somewhere. Let's have the recommended default in systemd. Thanks to Dave Täht for advice and the summary at https://lists.bufferbloat.net/pipermail/cerowrt-devel/2014-October/003701.html
2014-10-20sd-bus: sync kdbus.h (ABI break)Daniel Mack
kdbus.h now has KDBUS_ATTACH_COMM split into KDBUS_ATTACH_TID_COMM and KDBUS_ATTACH_PID_COMM. The items were split already, so the change in systemd is easy.
2014-10-19shell-completion/bash: add add-wants and add-requiresLukas Nykryn
2014-10-18sd-bus: sync kdbus.h (ABI break)Daniel Mack
In kdbus.h, the 'features' field has been dropped again. Instead of negotiating features that way, we decided to make the kernel return the set of supported flags in each ioctl struct's .flags field, in both the success and error cases.
2014-10-17systemd: try harder to bind to notify socketZbigniew Jędrzejewski-Szmek
Without the socket open we are going to crash and burn. If for whatever reason we fail during deserialization we will fail when trying to open the socket. In this case it is better to unlink the old socket and maybe lose some messages, than to continue without the notification socket. Of course this situation should not happen, but we should handle it as gracefully as possible anyway. https://bugzilla.redhat.com/show_bug.cgi?id=1099299
2014-10-17systemd: log deserialization errors as warningsZbigniew Jędrzejewski-Szmek
If we failed to parse something that we wrote ourselves, things are seriously off. This is also likely to lead to problems futher on.
2014-10-17systemd: continue switch-root even if umount failsZbigniew Jędrzejewski-Szmek
Leaving the old root around seems better than aborting the switch.
2014-10-17nspawn: fix DeviceAllow listDaniel Mack
Commit 864e17068 ("nspawn: actually allow access to /dev/net/tun in the container") added "/dev/net/tun" to the list of allowed devices but forgot to tweak the array length, which caused "/dev/kdbus/*" to be missed.
2014-10-17environment: append unit_id to error messages regarding EnvironmentFileLukas Nykryn
2014-10-17missing: remove fanotifyZbigniew Jędrzejewski-Szmek
It was only used in readahead.
2014-10-17execute: downgrade namespace error to "warning"Lennart Poettering
Also, extend the printed warning a bit, explaining the situation more verbosely.
2014-10-17update TODOLennart Poettering
2014-10-17namespace: add missing 'const' to parametersLennart Poettering
2014-10-17systemctl: by default interactively ask for polkit authorization, if possibleLennart Poettering
Also, allow using --no-ask-password to turn off ineractive polkit authorization.
2014-10-17execute: don't fail child when we don't have privileges to setup namespacesMichal Sekletar
If we don't have privileges to setup the namespaces then we are most likely running inside some sort of unprivileged container, hence not being able to create namespace is not a problem because spawned service can't access host system anyway.